From patchwork Sat Apr 4 05:52:29 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: DJ Delorie X-Patchwork-Id: 38749 Return-Path: X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) by sourceware.org (Postfix) with ESMTP id 530E6385DC00 for ; Sat, 4 Apr 2020 05:52:35 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 530E6385DC00 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-47-lKP3MNr3Oym5zp9uB62isg-1; Sat, 04 Apr 2020 01:52:33 -0400 X-MC-Unique: lKP3MNr3Oym5zp9uB62isg-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 661868017F3 for ; Sat, 4 Apr 2020 05:52:32 +0000 (UTC) Received: from greed.delorie.com (ovpn-114-252.phx2.redhat.com [10.3.114.252]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3A3DF1001938 for ; Sat, 4 Apr 2020 05:52:32 +0000 (UTC) Received: from greed.delorie.com.redhat.com (localhost [127.0.0.1]) by greed.delorie.com (8.14.7/8.14.7) with ESMTP id 0345qTre020083 for ; Sat, 4 Apr 2020 01:52:29 -0400 Date: Sat, 04 Apr 2020 01:52:29 -0400 Message-Id: From: DJ Delorie To: libc-alpha@sourceware.org Subject: malloc: ensure set_max_fast never stores zero X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-26.4 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Apr 2020 05:52:36 -0000 The code for set_max_fast() stores an "impossibly small value" instead of zero, when the parameter is zero. However, for small values of the parameter (ex: 1 or 2) the computation results in a zero being stored anyway. This patch checks for the parameter being small enough for the computation to result in zero instead, so that a zero is never stored. key values which result in zero being stored: x86-64: 1..7 (or other 64-bit) i686: 1..11 armhfp: 1..3 (or other 32-bit) Reviewed-by: Carlos O'Donell diff --git a/malloc/malloc.c b/malloc/malloc.c index 6acb5ad43a..ee87ddbbf9 100644 --- a/malloc/malloc.c +++ b/malloc/malloc.c @@ -1632,7 +1632,7 @@ static INTERNAL_SIZE_T global_max_fast; */ #define set_max_fast(s) \ - global_max_fast = (((s) == 0) \ + global_max_fast = (((size_t) (s) <= MALLOC_ALIGN_MASK - SIZE_SZ) \ ? MIN_CHUNK_SIZE / 2 : ((s + SIZE_SZ) & ~MALLOC_ALIGN_MASK)) static inline INTERNAL_SIZE_T